<<< Date Index >>>     <<< Thread Index >>>

iodine client 0.3.2 buffer overflow



hi,
iodine client 0.3.2, available at http://code.kryo.se/iodine/ , suffers from a 
stack-based buffer overflow vulnerability which could result in the execution 
of arbitrary code.  
A specially crafted dns response sent through an UDP packet can be used to 
exploit this issue.

cheers
-p